Certified Information Systems Auditor (CISA) — Question 78

An IS auditor is reviewing an organization’s incident management processes and procedures. Which of the following observations should be the auditor’s GREATEST concern?

Answer options

• A. Ineffective incident classification
• B. Ineffective post-incident review
• C. Ineffective incident prioritization
• D. Ineffective incident detection

Correct answer: D

Explanation

Ineffective incident detection is the most critical issue because it means that incidents may go unnoticed, leading to unaddressed vulnerabilities and potential damage. While ineffective classification, prioritization, and post-incident review are certainly important, they are secondary to the fundamental ability to detect incidents in the first place.